package com.dgut.cbd.finalexp.util;

import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.nio.charset.Charset;

public class MyAccessDeniedHandler implements org.springframework.security.web.access.AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        request.setAttribute(WebAttributes.ACCESS_DENIED_403,
                accessDeniedException);
        response.setStatus(HttpStatus.FORBIDDEN.value());
        response.setCharacterEncoding(Charset.defaultCharset().displayName());// 解决中文乱码
        response.addHeader("Content-Type", MediaType.TEXT_HTML_VALUE);
        response.getWriter().write("你的权限不够");
    }
}
